On Thursday 23 May 2002 5:42 am, SPAM wrote:

> I have 16 "real" (routable) IP numbers. (Actually it is 14 after network
> and broadcast are counted). My ISP wants to sell me a Cisco router to
> filter and control traffic at my end. I know Linux can do this and do it
> cheaper. I want to configure a Linux box to act as a transparent firewall
> for the clients. What I need to know is how to configure the firewall to
> move packets from eth0 (outside) to eth1 (inside). No translation is
> necessary. For example, if a packet destined for 129.106.32.3 arrives, I
> need it forwarded to the inside interface (eth1) as 129.106.32.3. I need
> the Linux box to act as a router, no NAT or PAT. What is the iptables
> line to enable it?
>
> From reading the man page, it seems:
> iptables -A FORWARD -p ALL -i eth0 -o eth1
> iptables -A FORWARD -p ALL -i eth1 -o eth0
> would do the trick, but I am unable to cross the router.

What addresses & netmasks have you placed on eth0 & eth1?

Also, if you're trying to use a Linux box to replace a Cisco router, what physical interface would the external side of this box have to plug into to connect to the ISP's line? I doubt very much it would be an ethernet socket, because that's usually what the Cisco router is (partly) for - to convert a synchronous serial line into ethernet.

Antony.
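
An added example, not part of the thread or either poster's code: an iptables rule with no `-j` target only increments its counters, and the kernel routes nothing between interfaces unless `net.ipv4.ip_forward` is 1. The shell functions below flag target-less FORWARD rules and build a stateful, no-NAT forwarding policy; the function names, the `RUN` dry-run switch and the inbound service argument are assumptions.

```shell
#!/bin/sh
# Added example, not from the thread. eth0/eth1 are the question's interfaces;
# function names and the RUN dry-run switch are assumptions.

# RUN=echo prints each command instead of executing it.
ipt() { ${RUN:-} iptables "$@"; }

# Read `iptables -S` output on stdin and print FORWARD rules that have no
# -j/-g target: they count packets but never accept or drop them.
rules_without_target() {
    while IFS= read -r rule; do
        case "$rule" in
            "-A FORWARD"*" -j "*|"-A FORWARD"*" -g "*) ;;
            "-A FORWARD"*) printf '%s\n' "$rule" ;;
        esac
    done
}

# setup_forwarding OUT_IF IN_IF [ADDRESS:PORT ...]
# Routed firewall, no NAT: packets keep their addresses.
setup_forwarding() {
    out_if=$1
    in_if=$2
    shift 2

    # The kernel only routes between interfaces when this is 1.
    ${RUN:-} sysctl -w net.ipv4.ip_forward=1

    # Forwarded traffic is dropped unless a rule below accepts it.
    ipt -P FORWARD DROP
    ipt -F FORWARD

    # Packets belonging to connections already accepted.
    ipt -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    # New connections from inside to outside.
    ipt -A FORWARD -i "$in_if" -o "$out_if" -j ACCEPT
    # Inbound TCP services, one ADDRESS:PORT argument each.
    for svc in "$@"; do
        ipt -A FORWARD -i "$out_if" -o "$in_if" -p tcp \
            -d "${svc%:*}" --dport "${svc#*:}" \
            -m conntrack --ctstate NEW -j ACCEPT
    done
}
```

Running `RUN=echo; setup_forwarding eth0 eth1 129.106.32.3:25` prints the commands for review before anything is applied; 129.106.32.3 is the address from the question and port 25 is a constructed sample.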
